diff --git a/lib/ansible/runner/connection_plugins/ssh.py b/lib/ansible/runner/connection_plugins/ssh.py index c2fd9666eb..32e1797d3a 100644 --- a/lib/ansible/runner/connection_plugins/ssh.py +++ b/lib/ansible/runner/connection_plugins/ssh.py @@ -266,7 +266,7 @@ class Connection(object): if utils.VERBOSITY > 3: ssh_cmd += ["-vvv"] else: - ssh_cmd += ["-q"] + ssh_cmd += ["-v"] ssh_cmd += self.common_args if self.ipv6: @@ -375,6 +375,27 @@ class Connection(object): raise errors.AnsibleError('using -c ssh on certain older ssh versions may not support ControlPersist, set ANSIBLE_SSH_ARGS="" (or ssh_args in [ssh_connection] section of the config file) before running again') if p.returncode == 255 and (in_data or self.runner.module_name == 'raw'): raise errors.AnsibleError('SSH Error: data could not be sent to the remote host. Make sure this host can be reached over ssh') + if p.returncode == 255: + ip = None + port = None + for line in stderr.splitlines(): + match = re.search( + 'Connecting to .*\[(\d+\.\d+\.\d+\.\d+)\] port (\d+)', + line) + if match: + ip = match.group(1) + port = match.group(2) + if 'UNPROTECTED PRIVATE KEY FILE' in stderr: + lines = [line for line in stderr.splitlines() + if 'ignore key:' in line] + else: + lines = stderr.splitlines()[-1:] + if ip and port: + lines.append(' while connecting to %s:%s' % (ip, port)) + lines.append( + 'It is sometimes useful to re-run the command using -vvvv, ' + 'which prints SSH debug output to help diagnose the issue.') + raise errors.AnsibleError('SSH Error: %s' % '\n'.join(lines)) return (p.returncode, '', no_prompt_out + stdout, no_prompt_err + stderr)